Phil, I think this is a terrific use of Sovrin and specifically of the ability of DIDs and DDOs to provide the current public key for a GPG contact. I can’t wait until we can implement the whole stack. I’d love to hear other’s thoughts about it.

If a given entity rotates its keys while retaining its DID for other parties to be able to contact it, what happens to all the claims that have been signed with the old keys? Would the entity in question need to re-make and re-sign all of its claims everytime keys are renewed?

My understanding is that, because of the additive nature of the ledger, outdated DDOs - hence, outdated pub keys - will never be overwritten, so a mechanism could be devised for the verifier to get the old keys together with the most recent one.

However, I concur it is unpractical to check the claim signature against 100 old keys. One option could be to include the reference to the correct version of the DDO into the signature (via a signed attribute).
This approach resembles a common practice in digital signature, where the X509 certificate is embedded into the signature. The certificate (i.e., a signed binding between a key and an entity) would be replaced in this case by the proper DID-DDO association in the ledger.

Luca, that’s a great suggestion, and the same thought I was having as I read Carlo’s question. However that requires that a particular version of a DDO be uniquely addressable in the ledger. That’s not currently a requirement in the DID Implementer’s Draft 01 spec.

All transactions in the ledger have a sequence number. Think of it like the analog of RowID in old, familiar RDBMSes. If you can point to the transaction associated with a DDO by its sequence number, then looking up that DDO should be very efficient.

I believe a sequence number is just a 64-bit unsigned integer. And yes, the sequence number associated with a particular version of a DDO (as recorded in a particular transaction) is communicated. The most common operation against the ledger, by a factor of 10x over all others, will probably be a lookup of the current verification key for DID x. We expect this query to often be framed as “I have version 12345 of the DDO for DID x; if that’s not current, what’s the new DDO content and sequence number? And oh by the way, prove to me that this answer is true.” The “12345” in that description would be the sequence number, and by allowing the question to be asked this way, we make it possible to optimize the answer by (90+% of the time) returning a proof that nothing has changed. The alternative would be to always return the current DDO plus a proof, which would be far more expensive.